Fix NPE
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
This commit is contained in:
parent
5f372b8483
commit
85cace1142
2 changed files with 35 additions and 2 deletions
|
@ -79,9 +79,23 @@ public class JWKParser {
|
||||||
}
|
}
|
||||||
|
|
||||||
private PublicKey createECPublicKey() {
|
private PublicKey createECPublicKey() {
|
||||||
|
/* Check if jwk.getOtherClaims return an empty map */
|
||||||
|
if (jwk.getOtherClaims().size() == 0) {
|
||||||
|
throw new RuntimeException("JWK Otherclaims map is empty.");
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Try retrieving the necessary fields */
|
||||||
String crv = (String) jwk.getOtherClaims().get(ECPublicJWK.CRV);
|
String crv = (String) jwk.getOtherClaims().get(ECPublicJWK.CRV);
|
||||||
BigInteger x = new BigInteger(1, Base64Url.decode((String) jwk.getOtherClaims().get(ECPublicJWK.X)));
|
String xStr = (String) jwk.getOtherClaims().get(ECPublicJWK.X);
|
||||||
BigInteger y = new BigInteger(1, Base64Url.decode((String) jwk.getOtherClaims().get(ECPublicJWK.Y)));
|
String yStr = (String) jwk.getOtherClaims().get(ECPublicJWK.Y);
|
||||||
|
|
||||||
|
/* Check if the retrieving of necessary fields success */
|
||||||
|
if (crv == null || xStr == null || yStr == null) {
|
||||||
|
throw new RuntimeException("Fail to retrieve ECPublicJWK.CRV, ECPublicJWK.X or ECPublicJWK.Y field.");
|
||||||
|
}
|
||||||
|
|
||||||
|
BigInteger x = new BigInteger(1, Base64Url.decode(xStr));
|
||||||
|
BigInteger y = new BigInteger(1, Base64Url.decode(yStr));
|
||||||
|
|
||||||
String name;
|
String name;
|
||||||
switch (crv) {
|
switch (crv) {
|
||||||
|
|
|
@ -27,6 +27,7 @@ import org.keycloak.common.util.KeyUtils;
|
||||||
import org.keycloak.common.util.PemUtils;
|
import org.keycloak.common.util.PemUtils;
|
||||||
import org.keycloak.crypto.JavaAlgorithm;
|
import org.keycloak.crypto.JavaAlgorithm;
|
||||||
import org.keycloak.crypto.KeyType;
|
import org.keycloak.crypto.KeyType;
|
||||||
|
import org.keycloak.crypto.KeyUse;
|
||||||
import org.keycloak.common.crypto.CryptoIntegration;
|
import org.keycloak.common.crypto.CryptoIntegration;
|
||||||
import org.keycloak.rule.CryptoInitRule;
|
import org.keycloak.rule.CryptoInitRule;
|
||||||
import org.keycloak.util.JsonSerialization;
|
import org.keycloak.util.JsonSerialization;
|
||||||
|
@ -47,6 +48,7 @@ import static org.junit.Assert.assertArrayEquals;
|
||||||
import static org.junit.Assert.assertEquals;
|
import static org.junit.Assert.assertEquals;
|
||||||
import static org.junit.Assert.assertNotNull;
|
import static org.junit.Assert.assertNotNull;
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
|
import static org.junit.Assert.fail;
|
||||||
import static org.keycloak.common.util.CertificateUtils.generateV1SelfSignedCertificate;
|
import static org.keycloak.common.util.CertificateUtils.generateV1SelfSignedCertificate;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -207,6 +209,23 @@ public abstract class JWKTest {
|
||||||
assertEquals("X.509", key.getFormat());
|
assertEquals("X.509", key.getFormat());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void emptyEcOverclaim() throws Exception {
|
||||||
|
JWKBuilder builder = JWKBuilder.create();
|
||||||
|
KeyPairGenerator generator = KeyPairGenerator.getInstance("EC");
|
||||||
|
KeyPair keyPair = generator.generateKeyPair();
|
||||||
|
JWK jwk = builder.ec(keyPair.getPublic(), KeyUse.ENC);
|
||||||
|
JWKParser parser = new JWKParser(jwk);
|
||||||
|
|
||||||
|
try {
|
||||||
|
parser.toPublicKey();
|
||||||
|
} catch (NullPointerException e) {
|
||||||
|
fail("NullPointerException is thrown: " + e.getMessage());
|
||||||
|
} catch (RuntimeException e) {
|
||||||
|
// Other runtime exception is expected.
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
private byte[] sign(byte[] data, String javaAlgorithm, PrivateKey key) throws Exception {
|
private byte[] sign(byte[] data, String javaAlgorithm, PrivateKey key) throws Exception {
|
||||||
Signature signature = Signature.getInstance(javaAlgorithm);
|
Signature signature = Signature.getInstance(javaAlgorithm);
|
||||||
signature.initSign(key);
|
signature.initSign(key);
|
||||||
|
|
Loading…
Reference in a new issue